In this chapter you will learn how to work with processes.
Objectives : In this chapter, future Linux administrators will learn how to:
PPID of a process;
View and search for processes;
阅读时间: 20 分钟
An operating system consists of processes. These processes are executed in a specific order and are related to each other. There are two categories of processes, those focused on the user environment and those focused on the hardware environment.
When a program runs, the system will create a process by placing the program data and code in memory and creating a runtime stack. A process is therefore an instance of a program with an associated processor environment (ordinal counter, registers, etc...) and memory environment.
Each process has:
- a PID : Process IDentifier, a unique process identifier;
- a PPID : Parent Process IDentifier, unique identifier of parent process.
By successive filiations, the
init process is the father of all processes.
- A process is always created by a parent process;
- A parent process can have multiple child processes.
There is a parent/child relationship between processes. A child process is the result of the parent process calling the fork() primitive and duplicating its own code to create a child. The PID of the child is returned to the parent process so that it can talk to it. Each child has its parent's identifier, the PPID.
The PID number represents the process at the time of execution. When the process finishes, the number is available again for another process. Running the same command several times will produce a different PID each time.!!! Note Processes are not to be confused with threads. Each process has its own memory context (resources and address space), while threads from the same process share this same context.
ps command displays the status of running processes.
ps [-e] [-f] [-u login]
# ps -fu root
||Displays all processes.|
||Displays additional information.|
||Displays the user's processes.|
Some additional options:
||Displays the processes in the group.|
||Displays the processes running from the terminal.|
||Displays the process information.|
||Displays the information in a tree structure.|
||Displays additional information.|
||Sort the result according to a column.|
||Displays the header on each page of the terminal.|
||Customize the output display format.|
Without an option specified, the
ps command only displays processes running from the current terminal.
The result is displayed in columns:
# ps -ef UID PID PPID C STIME TTY TIME CMD root 1 0 0 Jan01 ? 00:00/03 /sbin/init
||Parent process identifier.|
||Priority of the process.|
||Date and time of execution.|
The behaviour of the control can be fully customized:
# ps -e --format "%P %p %c %n" --sort ppid --headers PPID PID COMMAND NI 0 1 systemd 0 0 2 kthreadd 0 1 516 systemd-journal 0 1 538 systemd-udevd 0 1 598 lvmetad 0 1 643 auditd -4 1 668 rtkit-daemon 1 1 670 sssd 0
Types of processes¶
The user process:
- is started from a terminal associated with a user;
- accesses resources via requests or daemons.
The system process (demon):
- is started by the system;
- is not associated with any terminal, and is owned by a system user (often
- is loaded at boot time, resides in memory, and is waiting for a call;
- is usually identified by the letter
dassociated with the process name.
System processes are therefore called daemons (Disk And Execution MONitor).
Permissions and rights¶
When a command is executed, the user's credentials are passed to the created process.
By default, the actual
GID (of the process) are therefore identical to the actual
GID of the user who executed the command).
SGID) is set on a command, the actual
GID) becomes that of the owner (and/or owner group) of the command and no longer that of the user or user group that issued the command. Effective and real UIDs are therefore different.
Each time a file is accessed, the system checks the rights of the process according to its effective identifiers.
A process cannot be run indefinitely, as this would be to the detriment of other running processes and would prevent multitasking.
The total processing time available is therefore divided into small ranges, and each process (with a priority) accesses the processor in a sequenced manner. The process will take several states during its life among the states:
- ready: waiting for the availability of the process;
- in execution: accesses the processor;
- suspended: waiting for an I/O (input/output);
- stopped: waiting for a signal from another process;
- zombie: request for destruction;
- dead: the father of the process kills his son.
The end of process sequencing is as follows:
- Closing of the open files;
- Release of the used memory;
- Sending a signal to the parent and child processes.
When a parent process dies, its children are said to be orphans. They are then adopted by the
init process which will destroy them.
The priority of a process¶
The processor works in time sharing with each process occupying a quantity of processor time.
The processes are classified by priority whose value varies from -20 (the highest priority) to +19 (the lowest priority).
The default priority of a process is 0.
Modes of operation¶
Processes can run in two ways:
- synchronous: the user loses access to the shell during command execution. The command prompt reappears at the end of the process execution.
- asynchronous: the process is processed in the background. The command prompt is displayed again immediately.
The constraints of the asynchronous mode:
- the command or script must not wait for keyboard input;
- the command or script must not return any result on the screen;
- quitting the shell ends the process.
Process management controls¶
kill command sends a stop signal to a process.
kill [-signal] PID
$ kill -9 1664
||SIGINT||Immediate termination of the process|
||SIGKILL||中断进程(CTRL + D)|
||SIGTERM||Clean termination of the process|
||SIGCONT||Resume the process|
||SIGSTOP||Suspend the process|
Signals are the means of communication between processes. The
kill command sends a signal to a process.
!!! Tip The complete list of signals taken into account by the
kill command is available by typing the command :
$ man 7 signal
nohup allows the launching of a process independently of a connection.
$ nohup myprogram.sh 0</dev/null &
nohup ignores the
SIGHUP signal sent when a user logs out.
!!! Note "Question"
nohup handles standard output and error, but not standard input, hence the redirection of this input to
[CTRL] + [Z]¶
By pressing the CTRL + Z keys simultaneously, the synchronous process is temporarily suspended. Access to the prompt is restored after displaying the number of the process that has just been suspended.
& statement executes the command asynchronously (the command is then called job) and displays the number of job. Access to the prompt is then returned.
$ time ls -lR / > list.ls 2> /dev/null &  15430 $
The job number is obtained during background processing and is displayed in square brackets, followed by the
fg command puts the process in the foreground:
$ time ls -lR / > list.ls 2>/dev/null & $ fg 1 time ls -lR / > list.ls 2/dev/null
while the command
bg places it in the background:
[CTRL]+[Z] ^Z + Stopped $ bg 1  15430 $
Whether it was put in the background when it was created with the
& argument or later with the CTRL +Z keys, a process can be brought back to the foreground with the
fg command and its job number.
jobs command displays the list of processes running in the background and specifies their job number.
$ jobs - Running sleep 1000 + Running find / > arbo.txt
The columns represent:
- job number;
- the order in which the processes run
+: this process is the next process to run by default with
-: this process is the next process to take the
- Running (running process) or Stopped (suspended process).
- the command
nice allows the execution of a command by specifying its priority.
nice priority command
$ nice -n+15 find / -name "file"
root, a standard user can only reduce the priority of a process. Only values between +0 and +19 will be accepted.
!!! Tip This last limitation can be lifted on a per-user or per-group basis by modifying the
renice command allows you to change the priority of a running process.
renice priority [-g GID] [-p PID] [-u UID]
$ renice +15 -p 1664
GIDof the process owner group. | |
PIDof the process. | |
UIDof the process owner. |
renice command acts on processes already running. It is therefore possible to change the priority of a specific process, but also of several processes belonging to a user or a group.
!!! Tip The
pidof command, coupled with the
xargs command (see the Advanced Commands course), allows a new priority to be applied in a single command:
$ pidof sleep | xargs renice 20
top command displays the processes and their resource consumption.
$ top PID USER PR NI ... %CPU %MEM TIME+ COMMAND 2514 root 20 0 15 5.5 0:01.14 top
||Processor usage time.|
top command allows control of the processes in real time and in interactive mode.
pgrep command searches the running processes for a process name and displays the PID matching the selection criteria on the standard output.
pkill command will send the specified signal (by default SIGTERM) to each process.
pgrep process pkill [-signal] process
- Get the process number from
$ pgrep -u root sshd
- Kill all
$ pkill tomcat